Cyderes logo
Cyderes

Cyber Defense & Response. It's what we do.

Security Analyst II

Security AnalystSecurity AnalystFull TimeRemoteMid LevelTeam 501-1,000Since 2020H1B No SponsorCompany SiteLinkedIn

Location

United States

Posted

22 hours ago

Salary

$65K - $75K / year

Seniority

Mid Level

Bachelor Degree2 yrs expEnglishSplunk

Job Description

Security Analyst II

Cyderes

• Monitor, and investigate security alerts and events across enterprise environments • Perform proactive threat hunting activities to identify malicious behavior and vulnerabilities • Support incident response efforts including assessment, containment, investigation, and remediation • Use Splunk SIEM for log analysis, correlation, detection, and monitoring • Work with EDR technologies including Cisco AMP, CrowdStrike, and Trend Micro, Microsoft Defender • Help with vulnerability management activities and exposure analysis • Coordinate with third-party patch management providers to validate remediation efforts • Investigate suspicious activity, malware infections, phishing attempts, and endpoint threats • Document incidents, findings, and remediation recommendations • Collaborate with IT, infrastructure, and security teams across multiple regions • Help improve detection logic, monitoring processes, and security operational

Job Requirements

  • 2–5 years of experience in a Security Operations Center (SOC), Incident Response, or Security Analyst role
  • Hands-on experience with Splunk SIEM
  • Experience with CrowdStrike, Cisco AMP, Trend Micro, or similar EDR/security tools
  • Experience investigating security incidents and performing threat analysis
  • Understanding of vulnerability management and remediation processes
  • Familiarity with endpoint security, malware analysis, and attack detection techniques.

Benefits

  • Medical Insurance - Employee + dependents covered
  • Life Insurance - Protection for what matters most
  • Retirement Match Program - We invest in your future
  • Hybrid Work Model - 2–3 days in office
  • Maternity & Paternity Leave - Time for the moments that matter
  • Paid Time Off - PTO + sick & casual leave
  • Bereavement & Volunteer Time - Give back to your community
  • Professional Development - Reimbursement program
  • LinkedIn L&D Platform - Thousands of courses at your fingertips
  • Mobile Phone Reimbursement - Stay connected, on us

Related Job Pages

More Security Analyst Jobs

FS-ISAC logo

Threat Intelligence Analyst – Senior

FS-ISAC

The only global cyber intelligence sharing community solely focused on financial services.

Full TimeRemoteTeam 51-200Since 1999H1B No Sponsor

• Lead complex intelligence investigations involving cyber threat actors, ransomware operations, nation-state activity, vulnerabilities, and emerging threats • Collect, correlate, and analyze intelligence from technical and non-technical sources • Produce tactical, operational, and strategic intelligence assessments for members and stakeholders • Analyze adversary tactics, techniques, and procedures (TTPs) and map findings to frameworks such as MITRE ATT&CK • Assess the impact of cyber incidents, geopolitical developments, technology trends, and systemic risks affecting the financial sector • Author intelligence reports, threat assessments, alerts, white papers, and executive briefings • Present intelligence findings and risk recommendations to executives, members, and external partners • Translate technical intelligence into actionable business and risk-management insights • Lead information-sharing initiatives, intelligence exchanges, and member engagement activities • Build and maintain relationships with financial institutions, government agencies, law enforcement, and industry partners • Represent the organization at conferences, webinars, and industry forums • Leverages AI to enhance analysis, decision-making, productivity, and innovation • Maintains awareness of emerging AI technologies, threats, and risks • Contribute to intelligence strategy, collection priorities, and analytical standards • Identify opportunities to improve intelligence methodologies, workflows, automation, and reporting capabilities • Lead cross-functional projects and support organizational cyber resilience initiatives • Mentor Threat Intelligence Analyst I and II team members and provide analytical coaching and product reviews • Promote best practices in intelligence collection, analysis, reporting, and information sharing

Virginia
$110K - $165K / year
Full TimeRemoteTeam 201-500Since 2019H1B Sponsor

Role Description Security failures are rarely caused by a single technical mistake. More often, they stem from gaps in governance, risk management, operational discipline, and accountability. Strong GRC programs help prevent those failures by making security a business priority, not just a technical concern. Mercury is growing rapidly, and as we scale, we need to continue building resilience, strengthening governance, and improving the way we manage risk across the company. We have a strong foundation today, but the next phase of growth will require scalable programs, thoughtful controls, and cross functional partnerships that allow Mercury to move quickly without sacrificing security. We are looking for an Information Security GRC Analyst to help mature Mercury’s security, risk, and compliance programs. This is not a traditional compliance role focused only on audits and evidence collection. You will help build the systems, processes, and guardrails that support business continuity, customer trust, and long term resilience. In this role, you will: - Lead and support security risk assessments across products, systems, vendors, and business initiatives. - Partner with Engineering, Product, IT, Legal, Operations, and other teams to identify, evaluate, and mitigate risk. - Drive audit readiness and compliance initiatives across frameworks such as SOC 2, PCI DSS, NIST, CIS, and ISO 27001. - Conduct gap assessments against security and compliance frameworks, then build practical plans to close those gaps. - Design, implement, and mature scalable governance processes and security controls. - Help improve Mercury’s business continuity, resilience, and third party risk management programs. - Translate compliance and risk requirements into clear, actionable guidance for technical and non-technical stakeholders. - Identify opportunities to automate controls, evidence collection, and recurring GRC workflows. - Help ensure Mercury’s security program remains strong, efficient, and aligned with the speed of the business. Qualifications - Have experience scaling security, risk, compliance, or governance programs in a high growth SaaS, fintech, or cloud native environment. - Understand security frameworks such as SOC 2, PCI DSS, NIST, CIS, and ISO 27001, and can translate them into practical controls. - Bring strong ownership and project management skills, with a track record of driving cross functional initiatives from concept to completion. - Are comfortable creating structure from ambiguity and building programs or processes from scratch. - Take a risk based approach to decision making and can distinguish between theoretical risk and material business risk. - Communicate clearly with technical and non-technical stakeholders. - Have enough technical depth to partner effectively with engineers and evaluate security controls in cloud native environments. - Care about building security programs that enable the business rather than slow it down. Requirements - Tools and technologies you may work with: - AWS Config and AWS Audit Manager - GitHub - Vanta - GRC platforms and workflow tools - Cloud native security and compliance tooling Benefits - The total rewards package at Mercury includes base salary, equity, and benefits. - Our salary and equity ranges are highly competitive within the SaaS and fintech industry and are updated regularly using reliable compensation survey data. - New hire offers are made based on a candidate’s experience, expertise, geographic location, and internal pay equity relative to peers. - Our target new hire base salary ranges for this role are: - US employees in New York City, Los Angeles, Seattle, or the San Francisco Bay Area: $153,400 to $191,800 - US employees outside of New York City, Los Angeles, Seattle, or the San Francisco Bay Area: $138,100 to $172,600 - Canadian employees, any location: CAD 145,000 to CAD 181,300 Company Description Mercury is a fintech company, not an FDIC-insured bank. Banking services provided through Choice Financial Group and Column N.A., Members FDIC. Mercury values diversity & belonging and is proud to be an Equal Employment Opportunity employer. All individuals seeking employment at Mercury are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, sexual orientation, or any other legally protected characteristic. We are committed to providing reasonable accommodations throughout the recruitment process for applicants with disabilities or special needs. If you need assistance, or an accommodation, please let your recruiter know once you are contacted about a role.

United States + 1 moreAll locations: United States | Canada
$138.1K - $191.8K / year
Job Closed
ScriptPro logo

Cyber Security Analyst

ScriptPro

Our end-to-end pharmacy solutions power the business of pharmacy.

Full TimeRemoteTeam 501-1,000Since 1994H1B Sponsor

• Manage and track infrastructure, security, and product certification projects, ensuring full lifecycle execution across Risk Management Framework (RMF), Federal Risk and Authorization Management Program (FedRAMP), Payment Card Industry (PCI), Health Information Trust Alliance (HITRUST), International Organization for Standardization (ISO), and National Institute of Standards and Technology (NIST) frameworks • Develop, maintain, and deliver project documentation for Customer Service, DevOps, Information Assurance, and Executive leadership teams • Prepare and present monthly reports covering system compliance, security KPIs, audit readiness, and project status • Serve as a liaison between internal teams and customers, ensuring clear communication and alignment throughout complex security and compliance initiatives • Coordinate project schedules, facilitate cross-departmental tasks, and ensure all project phases are properly documented and completed • Support security programs aligned to Risk Management Framework (RMF) Step 1-6, Security Technical Implementation Guide (STIG) compliance, Assured Compliance Assessment Solution (ACAS)/Security Content Automation Protocol (SCAP) scanning, and NIST 800-53/171 control implementation • Contribute to FedRAMP Moderate/High authorization packages, System Security Plan (SSP) development, Plan of Action and Milestones (POA&M) management, and continuous monitoring activities • Assist with multi-framework compliance efforts including PCI DSS v4.0, HITRUST CSF, ISO 27001, Open Worldwide Application Security Project (OWASP) Top 10, and International Electrotechnical Commission (IEC) 62443 • Represent Information Assurance in internal and external meetings, proactively resolving conflicts and guiding teams through ambiguity • Perform other duties as assigned

Kansas
Foresite Cybersecurity logo

Security Analyst II

Foresite Cybersecurity

Transform security from a barrier to a Catalyst

Full TimeRemoteTeam 51-200Since 2013H1B No Sponsor

• You will work inside our 24/7 Cyber Fusion Center, handling escalated security alerts, leading complex investigations for our managed customers across Google Security Operations (Chronicle) and our SOAR platform, and serving as a subject matter expert for the broader team. • Act as the primary point of escalation for our Tier 1 Analysts. • Investigate incidents end-to-end: Review complex alert context, gather evidence from Chronicle UDM and supporting tools, reach a final disposition, and either close the ticket with a documented rationale or escalate to Tier 3/Incident Response with a clear handoff. • Optimize investigation playbooks: Follow established playbooks for the detection stack, but actively identify gaps, propose workflow improvements. • Communicate clearly in tickets: Ensure all tickets are understandable by the next analyst, the customer, or an auditor reading it six months from now. • Lead communications through the ticketing system on routine and complex investigations, requests for information, and exclusion/suppression requests.

Kansas